New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Questions and Answers

Questions 4

Which of the following statements is correct regarding the policy settings displayed in the exihibit?

Options:

A.

The Heartbeat interval value displayed in this policy is inherited from the parent policy

B.

Deep Security Agents using the displayed policy will send event details to Deep Security Manager every 5 minutes.

C.

All Deep Security Agents will send event details to Deep Security Manager every 5 minutes.

D.

Deep Security Manager will refresh the policy details on the Deep Security Agents using this policy every 5 minutes.

Buy Now
Questions 5

What is IntelliScan?

Options:

A.

IntelliScan is a method of identifying which files are subject to malware scanning as determined from the file content. It uses the file header to verify the true file type.

B.

IntelliScan is a mechanism that improves scanning performance. It recognizes files that have already been scanned based on a digital fingerprint of the file.

C.

IntelliScan reduces the risk of viruses entering your network by blocking real-time compressed executable files and pairs them with other characteristics to improve mal-ware catch rates.

D.

IntelliScan is a malware scanning method that monitors process memory in real time. It can identify known malicious processes and terminate them.

Buy Now
Questions 6

Which of the following statements is false regarding the Log Inspection Protection Module?

Options:

A.

Custom Log Inspections rules can be created using the Open Source Security (OSSEC) standard.

B.

Deep Security Manager collects Log Inspection Events from Deep Security Agents at every heartbeat.

C.

The Log Inspection Protection Module is supported in both agent-based and agentless environments.

D.

Scan for Recommendations identifies Log Inspection rules that Deep Security should implement.

Buy Now
Questions 7

What is the purpose of the Deep Security Relay?

Options:

A.

Deep Security Relays distribute load to the Deep Security Manager nodes in a high-availability implementation.

B.

Deep Security Relays forward policy details to Deep Security Agents and Virtual Ap-pliances immediately after changes to the policy are applied.

C.

Deep Security Relays maintain the caches of policies applied to Deep Security Agents on protected computers to improve performance.

D.

Deep Security Relays are responsible for retrieving security and software updates and distributing them to Deep Security Manager, Agents and Virtual Appliances.

Buy Now
Questions 8

Which of the following statements is true regarding Intrusion Prevention rules?

Options:

A.

Intrusion Prevention rules can block unrecognized software from executing.

B.

Intrusion Prevention rules check for the IP addresses of known malicious senders within a packet

C.

Intrusion Prevention rules can detect or block traffic associated with specific applica-tions, such as Skype or file-sharing utilities.

D.

Intrusion Prevention rules monitor the system for changes to a baseline configuration.

Buy Now
Questions 9

When viewing the details for a policy, as displayed in the exhibit, you notice that the Application Control Protection Module is not available. In this example, why would this Protection Modules not be available?

Options:

A.

The Application Control Protection Module has been disabled at the Base Policy level and is not displayed in the details for child policies.

B.

The Application Control Protection Module is only supported on Linux computers, the policy details displayed are for Windows computers only.

C.

An Activation Code for the Application Control Protection Module has not been pro-vided. Unlicensed Protection Modules will not be displayed.

D.

The Application Control Protection Modules has not been enabled for this tenant.

Buy Now
Questions 10

What is the result of performing a Reset operation on a Deep Security Agent?

Options:

A.

A Reset operation generates Event information that can be used to troubleshoot Agent-to -Manager communication issues.

B.

A Reset operation forces an update to the Deep Security Agent software installed on a managed computer.

C.

A Reset operation forces the Deep Security Agent service to restart on the managed computer.

D.

A Reset operation wipes out any Deep Security Agent settings, including its relationship with Deep Security Manager.

Buy Now
Questions 11

A Deep Security administrator wishes to monitor a Windows SQL Server database and be alerted of any critical events which may occur on that server. How can this be achieved using Deep Security?

Options:

A.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Integrity Monitoring Protection Module. A rule can be assigned to monitor the Windows SQL Server for any modifications to the server, with Alerts enabled.

B.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Log Inspection Protection Module. A rule can be assigned to monitor the Windows SQL Server for any critical events, with Alerts enabled.

C.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Intrusion Prevention Protection Module. A Recommendation Scan can be run and any suggested rule can be assigned to monitor the Windows SQL Server for any vulnerabilities, with Alerts enabled.

D.

This can not be achieved using Deep Security. Instead, the administrator could set up log forwarding within Window SQL Server 2016 and the administrator could monitor the logs within the syslog device.

Buy Now
Questions 12

The "Protection Source when in Combined Mode" settings are configured for a virtual machine as in the exhibit. You would like to enable Application Control on this virtual machine, but there is no corresponding setting displayed. Why?

Options:

A.

In the example displayed in the exhibit, no activation code was entered for Application Control. Since the Protection Module is not licensed, the corresponding settings are not displayed.

B.

These settings are used when both an host-based agent and agentless protection are available for the virtual machine. Since Application Control is not supported in agentless installations, there is no need for the setting.

C.

In the example displayed in the exhibit, the Application Control Protection Module has not yet been enabled. Once it is enabled for this virtual machine, the corresponding settings are displayed.

D.

In the example displayed in the exhibit, the VMware Guest Introspection Service has not yet been installed. This service is required to enable Application Control in agentless installations.

Buy Now
Exam Name: Trend Micro Certified Professional for Deep Security Exam
Last Update: Dec 27, 2024
Questions: 80
Deep-Security-Professional pdf

Deep-Security-Professional PDF

$25.5  $84.99
Deep-Security-Professional Engine

Deep-Security-Professional Testing Engine

$30  $99.99
Deep-Security-Professional PDF + Engine

Deep-Security-Professional PDF + Testing Engine

$40.5  $134.99